Year

2017

Degree Name

Master of Philosophy

Department

School of Computing and Information Technology

Abstract

Metamorphic testing (MT) is a property-based software testing method which al- leviates the oracle problem and enables test automation. The oracle problem refers to the difficulty or high cost of deciding whether the output program of test cases is correct. In this thesis we use MT to alleviate the oracle problem by testing code obfuscators which perform code obfuscation tasks. Code obfuscation is a popular and effective technique for protecting software code. Its key function is to transform a Pro- gram Being Protected (PBP) to a Semantically-Equivalent Version (SEV ), such that the SEV is difficult to reverse (de-compile) or understand; SEV and PBP must have equivalent behaviour. Like compilers, obfuscators are critical applications because incorrectly obfuscated code not only compromises the confidentiality of software, it also cause serious and unexpected problems during the execution of SEV. However, the oracle problem makes it difficult to test the functional correctness of obfuscators, such deciding the equivalence between PBP and SEV. Although a lot of research into testing compilers has been carried out, very little has been done on testing obfuscators. In this research we use MT to test obfuscators in an automated fashion. The results of experiments show that MT detected a number of previously unknown bugs in 4 real world obfuscators, including open source software, free software, and commercial software.

Share

COinS